- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
#include <codeblocks.h>
Data Fields | |
| DWORD | OffsetStart |
| The start of the extracted codeblock (not actually relevant) More... | |
| DWORD | Hash |
| The hash will be computed on Chunks array. More... | |
| WORD | Size |
| Code block size, in patterns. More... | |
| BYTE | PivotInstruction |
| BYTE | Chunks [CODE_BLOCK_CHUNKS_COUNT] |
| The actual CODE_INS values representing the instruction pattern. More... | |
Describes a single normalized code block. This is just a "passing" structure. From this it will be built a CODE_SIGNATURE structure that will be matched against the databases (or inserted into one). Each codeblock is a series of patterns that will be computed into a hash. A signature will consist of a few hashes like this.
Definition at line 51 of file codeblocks.h.
| BYTE _CODE_BLOCK::Chunks[CODE_BLOCK_CHUNKS_COUNT] |
The actual CODE_INS values representing the instruction pattern.
Definition at line 58 of file codeblocks.h.
Referenced by IntAlertFillCodeBlocks(), IntFragDumpBlocks(), and IntSerializeExtractCodeBlocks().
| DWORD _CODE_BLOCK::Hash |
The hash will be computed on Chunks array.
Definition at line 54 of file codeblocks.h.
| DWORD _CODE_BLOCK::OffsetStart |
The start of the extracted codeblock (not actually relevant)
Definition at line 53 of file codeblocks.h.
Referenced by IntAlertFillCodeBlocks(), IntFragDumpBlocks(), IntSerializeCodeBlocksPattern(), and IntSerializeExtractCodeBlocks().
| BYTE _CODE_BLOCK::PivotInstruction |
This indicates the first instruction type inside the code block.
Definition at line 56 of file codeblocks.h.
Referenced by IntAlertFillCodeBlocks(), IntFragDumpBlocks(), and IntSerializeExtractCodeBlocks().
| WORD _CODE_BLOCK::Size |
Code block size, in patterns.
Definition at line 55 of file codeblocks.h.
Referenced by IntAlertFillCodeBlocks(), IntFragDumpBlocks(), and IntSerializeExtractCodeBlocks().
1.8.13